I just finished watching the House Intelligence Committee hearing on the NSA programs revealed by Edward Snowden. I’ll have a lot more to say about the content of the revelations in the next few days. But first, a general observation.

Since the initial Snowden revelations, the Intelligence Community and other Administration surrogates have been trying to minimize our understanding of the scope of their surveillance and use traditional fearmongering to justify the programs by focusing on the importance of the Section 702 collection to stopping terrorism. While James Clapper’s office has made it clear that Section 702 goes beyond counterterrorism by revealing that its successes include counterproliferation and cybersecurity successes, as well as counterterrorism ones, the focus has nevertheless been on TERROR TERROR TERROR.

Today’s hearing was really the culmination of that process, when Keith Alexander boasted up upwards of 50 terrorist plots — about 40 of which were overseas — that Section 702 has prevented.

Mr. Joyce described a plot to blow up the New York Stock Exchange by a Kansas City man, whom the agency was able to identify because he was in contact with “an extremist” in Yemen who was under surveillance. Mr. Joyce also talked about a San Diego man who planned to send financial support to a terrorist group in Somalia, and who was identified because the N.S.A. flagged his phone number as suspicious through its database of all domestic phone call logs, which was brought to light by Mr. Snowden’s disclosures.

… the government has either overblown the importance of these programs and their success or are fairly minor plots.

None of the four may be as uniquely worthwhile as the cyberattack described by Clapper’s office a week ago, which it has not, however, fleshed out.

Communications collected under Section 702 have provided significant and unique intelligence regarding potential cyber threats to the United States, including specific potential network computer attacks. This insight has led to successful efforts to mitigate these threats.

That is, the government might–might!–be able to make a far better case for the value of these programs in discussing their role in preventing cyberattacks rather than preventing terrorist plots.

And yet it hasn’t done so, even as it pushes one after another attempt to legislate internet access in the name of protecting Intellectual Property and critical infrastructure.

Given the increasing focus on cybersecurity — and the already dishonest claims people like Mike Rogers have made about the means to accomplish that focus — this is the discussion we need to be having, rather than digging up terror plots first developed in 2004 that never happened. But in the same way the government shied away from conducting an honest discussion with us in 2001 and again in 2006 about these programs, it is refusing to conduct an honest discussion about cybersecurity today.

And, ironically, that refusal is preventing them from describing the value of a program that surely contributes more to countering cyberattacks than terror attacks at this point.

Share this entry

https://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.png00emptywheelhttps://www.emptywheel.net/wp-content/uploads/2016/07/Logo-Web.pngemptywheel2013-06-18 14:05:152013-06-18 14:05:15Terrorist Hobgoblins Bite the Intelligence Community in Its Efficacy Ass

How much easier to expand intrusive cyber searches in looking for minutia to justify an increasing budget than institute better firewalls, malware and virus protection for the DoD. It’s much more sexy and easier sale, though more expensive and less effective, for more programs and surveillance. Screaming Terror, Terror, terror get the needed results for the intel industry

David Headley’s plot against the Danish newspaper was stopped by the NSA. Oops, do the Spymasters really want to use Headley as an example of NSA stopping a plot? They have been using him for twelve years. Sean Joyce of the FBI becomes the latest to spread the myths about Headley. Maybe he does not know that Mumbai was an ISI operation. Or maybe it was an ISI/NSA operation. The NSA perhaps monitored the VOIP used by ISI to command the Mumbai terror.

They did not stop Mumbai. The FBI was investigating Headley before Mumbai. And guess who refutes Joyce? Philip Mudd “retired” Spymaster. Headley was busted because of Mumbai according to Mudd.

First, the case of David Coleman Headley, a Pakistani-American, reveals an “A-level” plotter who operated in the United States. Headley was involved with plotting attacks for Lashkar-i-Tayyiba (LT, or LeT), a South Asian terrorist group that has at least some ties to al-Qa`ida. Headley, who was born in Washington, D.C. and most recently lived in Chicago, was arrested in October 2009 in the United States for involvement in the 2008 Mumbai terrorist attacks and for plotting against employees of a newspaper in Copenhagen, Denmark.[4]

Second, Umar Farouk Abdulmutallab, who studied at a university in London, attempted to detonate explosives on a Northwest Airlines commercial aircraft just outside Detroit on December 25, 2009

And Undie #1 did not attempt to detonate the explosive Undie Bomb. It was detonated.

With all the phone call data collecting going on and with the dead Boston bombing suspect having been flagged a year or so ago by Russian authorities, why weren’t the US intelligent agencies able to stop the Boston Marathon bombing?

I don’t want to hear about how terrorists were stopped using the program – that’s what the program is for. It should be doing that. I want to hear if the program is being abused, if people are looking where they should not be looking, or doing things that are prohibited by statute. Either by individuals (bad) or institutionally by design (egregious). It seems like Snowden says they are going beyond the limits, yet there is no hard evidence beyond anecdotes like “I know people who looked where they should not have, laughed about it, and told their friends”.

We – the USA – need to have the conversation we never had around “do we want to do this, and what is it that we want to do, in detail?” – BushCo decided this for us in secret. But we also need to know if we’ve been duped so far by the mechanism that’s in place and running for the last 10+ years.

@dustbunny44: Inching ever closer to asking the right questions, which relate to whether the way these “laws” are being interpreted and applied by the agencies is, in fact, consistent with the Constitution. That’s a much different question from whether the laws enacted by a fear-frozen Congress are constitutional, or whether the actions of the executive branch “pursuant” to these laws are “legal.” You’re right, dustbunny.

Michael Tomasky today has written what he considers to be a very intelligent post in which he “breaks his silence” to reassure us that Obama is “different” from Bush because Bush operated without “legal authority” while Obama has operated “pursuant” to laws passed in the wake of 9/11 and in response to Bush oversteps of those laws. True, but hardly reassuring. Same for the very capable job of deconstructing and debunking the facial disingenuity of most of the carefully-caveated yet bombastic “affirmations” of how these programs have met the threat of, oh, TERRA! TERRA! TERRA! in commentaries made to frighten those oversightly-challenged weaklings in Congress into worrying more about whether they’ll be blamed if a truck explodes on a highway and “it might have been stopped if only…” — that line of analysis does not pose or answer the question of how we can assess what is actually happening in a fashion that might actually result in directing our security apparatus into a constitutionally-legitimate structure and a constitution-respecting bureaucracy.

Snowden’s disclosures have set in motion some reactions that actually present the possibility of considering these pragmatic-and-philosophical concepts, and for the very first potentially meaningful time. The problem now is how to do that. Should this be a purely “congressional” exercise? I hope not, for that is what the bureaucrats are angling for — just spout uncheckable soundbites in front of panels of congresscritters whose very last goal in all this would be to be considered “responsible” for what’s going on….. Final proof of that was provided when only 47 of 100 Senators showed up for a “briefing” dog/pony opp last Thursday. But, if Congress won’t/can/t be counted on, does this mean we just put the shoulder braids on the generals and let Clapper lie to us some more? And treat that as “confirmation” of the “legitimacy” of what’s going on?

Obama is making “I’m a responsible constitutional officer, let’s disclose some stuff to validate my claim” kinds of noises. These could prove useful — but on the assumption Marcy won’t be asked to evaluate and decide the ultimate outcome, how will we move toward that as a country?

In the past two weeks, there has been debate and discussion in this country far more informed than in the past decade — and there is a chance that enough information may actually be disclosed to permit a reasoned evaluation of these policies and their interpretation/implementation/effects to actually hope to align these issues to the actual constitutional framework that pretty much everyone would like to believe governs this country. Who should head up that task, how can it be accomplished in an environment like this?

@Snoopdido: That CNN transcript only covers the very first part of that hearing. Bits and pieces of the hearing are in other CNN transcripts, but apparently no single source for the entire hearing as of yet. Sorry about that.

So far, it appears that all four examples given were invalid. Headley and Zazi were flagged by foreign intelligence. Their contact information was not ascertained through an electronic dragnet. The last two were only involved in financial transactions.

“The officials said the NSA archive of domestic telephone calling records is used only for terrorism investigations and espionage cases. Only 22 analysts in the agency’s vast workforce are authorized to access the database, and they conducted about 300 queries last year.”

Questions:

Only 22 analysts? Really? The NSA only has 22 analysts checking the database of all American domestic phone call records for terrorism investigations and espionage cases? And they only made 300 queries last year?

Are there other agencies who are allowed to access the database? If so, who and how many people?

i have edited and reiterate here a comment i made earlier today at rayne’s post.

the point i want to emphasize is that i consider the fisa court as a kind of dummy variable – a stand-in for responsible, effective oversight of nsa’s massive spying on americans’ communications, but not itself responsible or effective in protecting the privacy of individual american citizens:

orionATL on June 18, 2013 at 12:47 pm said:

some things, some very important things, are becoming crystal clear:

– the fisa court is completely incompetent/impotent to protect the privacy of an american citizen.

– the fisa court is useful to politicians as a means to provide our president and congresscritters with political cover and avoidance of responsibility for their repeatedly authorizing and funding the vast spying bureaucracy of today

and

the fisa court is useful to security bureaucrats because it provides those in the nsa/fbi/cia cover to continuously expand their spy operations and avoid outside evaluation and criticim of their operations.

– it is way past time to insist our political leaders stop chanting the “fisa court mantra” as a way of ducking and evading their responsibility and accountability for failing to adequately monitor the vast domestic spying apparatus they have birthed and nurtured over the last 15 years.

“• This program concerns the collection only of telephone metadata. Under this program, the government does not acquire the content of any communication, the identity of any party to the communication, or any cell-site locational information.”

Does this statement mean what it appears to say? That under THIS program, the government does not acquire content, the identity or cell-site locational information, but that stuff is acquired by other government programs?

“• This metadata may be queried only when there is a reasonable suspicion, based on specific and articulated facts, that the identifier that will be used as the basis for the query is associated with specific foreign terrorist organizations.

• The basis for these queries must be documented in writing in advance.”

Do these 2 bullet items mean what they appear to say? That NSA analysts can indeed query the US domestic phone call record metadata database without a warrant as we’ve suspected? The answer according to the NSA seems to be yes.

“• Metadata collected under this program that has not been reviewed and minimized must be destroyed within 5 years.”

Does this statement mean what it appears to say? That US domestic phone call record metadata that has been reviewed and/or minimized is NOT destroyed after 5 years?

“• These certifications define the categories of foreign actors that may be appropriately targeted, and by law, must include specific targeting and minimization procedures adopted by the Attorney General in consultation with the Director of National Intelligence and approved by the Court as consistent with the law and 4th Amendment to the Constitution.”

Does this statement mean what it appears to say? The certifications ONLY define categories? Such as the category Terrorist? Or the category Criminal? Or the category Drug Dealer? Or the category Money Launderer? Or the category Obnoxious Journalist/Blogger?

“• There must be a valid, documented foreign intelligence purpose, such as counterterrorism, for each use of this authority. All targeting decisions must be documented in advance.”

Does this statement mean what it appears to say? That “such as counterterrorism” was only a single example of many possible purposes? That targeting decisions are documented in advance by whom and for whom?

“• Any inadvertently acquired communication of or concerning a U.S. person must be promptly destroyed if it is neither relevant to the authorized purpose nor evidence of a crime.”

Does this statement mean what it appears to say? That acquired communications concerning U.S. persons are not destroyed if there is evidence of a crime? Doesn’t this destroy the 4th Amendment’s insistence for a warrant based on probable cause?

“• The dissemination of any information about U.S. persons is expressly prohibited unless it is necessary to understand foreign intelligence or assess its importance; is evidence of a crime; or indicates a threat of death or serious bodily harm.”

Does this statement mean what it appears to say? That acquired communications concerning U.S. persons are can be disseminated if there is evidence of a crime? Doesn’t this again destroy the 4th Amendment’s insistence for a warrant based on probable cause?

For a taste of what that kind of institutionalized corruption looks like, take a look at the amount of money Booz Allen Hamilton and its parent company The Carlyle Group spend on campaign contributions and lobbying.

[snip]

The success of that pressure is exemplified by the title of today’s congressional hearing with the head of the NSA, Gen. Keith Alexander. The hearing doesn’t ask why Alexander lied to Congress or whether the NSA has engaged in illegal acts. No, a Congress bankrolled by firms like Booz Allen predictably calls the hearing “How Disclosed NSA Programs Protect Americans and Why Disclosure Aids Our Adversaries,” the two preconceived assumptions being that 1) the NSA’s surveillance programs, which generate huge profits for companies like Booz, are beneficial to Americans’ security and 2) critics of those programs hurt the country.

why did generals clapper and alexander lie to the media and hence to american citizens about the extent of nsa’s spying domestically on u.s. citizens?

why did president obama lie to the american people by saying that the nsa does notlisten in on citizen’s conversations at the time they are being made
without also revealing the conversations are recorded and available for any nsa analyst to listen to later – without a warrant?

one answer to these questions can be inferred from reading this article:

@newz4all:
>>It’s hard to see how any system that captures data from millions of law-abiding citizens satisfies our right to privacy

Agreed. Would Jefferson and peers consider it an invasion of privacy if someone were followed constantly, noting their location, purchases, who they talked with, what information they gathered and served up, 24-7? I think so. And they’re vacuuming up all this data, along with our phone calls (to be listened to later upon approval by the FISA court) because it’s relatively easy to do.

But I’m suprised that people apparently didn’t know this was going on – read James Bamford (The Puzzle Palace, Body of Secrets, etc.) and you know that all the data carriers from Western Union to Iridium have routinely made their trunk lines available to the US government. And software companies like Apple and Microsoft and now all these others have routinely given back-doors to their products to the government. Cost of doing business, it seems (or perhaps the government has some leverage we don’t know about). It was months ago that the Utah data center was announced where they will store the contents of all phone communication forever, presumably to listen to it only after a FISA authorization – what do people think that means? It means they record everything.

So the first question, now that everyone’s talking about it, is do we really want us to do that.

The bigger question, in my mind, is if and how they have overstepped those pretty wide boundaries, and if so can we have some hard evidence.

What is interesting about it is that it nowhere mentions any plan to blow up the New York Stock Exchange. The one terrorism related count, that of assisting a terrorist organization involved donating $23,000 to al Qaida, swearing allegiance to al Qaida, and “Some of defendant’s conversations with others also involved plans for them to participate in various types of actions to support Al-Qaida, including fighting in Afghanistan, Iraq, or Somalia.” And the likely way he came under scrutiny was through an initial $6,500 wire transfer to the UAE.

@Hugh: One has to wonder whether there was a US agent on the other end feeding him ideas for plots as in the case with Quazi Mohammad Reswanul Ahsan Nafis, who had to be driven to the New York Federal Reserve by the undercover FBI informant because he couldn’t drive.